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AMENDMENTS TO THE CLAIMS: 

This listing of claims will replace all prior versions and listings of claims in the 

application: 

1. (Currently Amended) A data processing apparatus for performing rights 
processing of content data encrypted with content key data based on usage control 
policy data, and for decrypting the encrypted content key data, the data processing 
apparatus comprising within a tamper-resistant circuit module: 

a first bus; 

an arithmetic processing circuit connected to the first bus, for performing the 
rights processing of the content data based on the usage control policy data; 
a storage circuit connected to the first bus; 
a second bus; 

a first interface circuit interposed between the first bus and the second bus; 
an encryption processing circuit connected to the second bus, for decrypting the 
content key data; 

a hash-value generating circuit that generates hash values of the content data, 
the content key data, and the usage control policy data by compressing the data into 
data having a predetermined bit length ; 

a public key encryption circuit that creates signature data using the hash values 
and verifies the integrity of the signature data; 

a common key encryption circuit; 
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an external bus interface circuit connected to the second bus; and 

a usage monitor; 

wherein the arithmetic processing circuit determines at least one of a purchase 
mode and a usage mode of the content data based on a handling policy indicated by 
the usage control policy data, and creates log data which includes a unique identifier of 
the content data, discount information, and tracing information and indicates result of 
the determined mode; and the arithmetic processing circuit creates usage control status 
data in accordance with the determined purchase mode, and controls the use of the 
content data based on the usage control status data; 

the usage control status data comprising a content identification for the content 
data, the purchase mode, an identification for the tamper-resistant circuit module, and a 
user identification for a user who has purchased the content data; 

wherein the usage monitor monitors the usage control policy data and the usage 
control status data to make sure that the content data is purchased and used as 
restricted by the usage control policy data and the usage control status data; and 

wherein the purchase mode is determined from one or more purchase mode 
options, and each purchase mode option has a different level of restriction imposed on 
a playback operation. 

2. (Previously Presented) A data processing apparatus according to claim 1, 
further comprising a second interface circuit within the tamper-resistant circuit module, 
wherein the first bus comprises a third bus connected to the arithmetic processing 
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circuit and the storage circuit, and a fourth bus connected to the first interface circuit, 

and the second interface circuit is interposed between the third bus and the fourth bus. 

3. (Previously Presented) A data processing apparatus according to claim 2, 
further comprising within the tamper-resistant circuit module: 

a fifth bus; 

a third interface circuit connected to the fifth bus, for performing communication 
with a data processing circuit having an authentication function which is loaded on one 
of a recording medium and an integrated circuit card; and 

a fourth interface circuit interposed between the fourth bus and the fifth bus. 

4. (Canceled) 

5. (Previously Presented) A data processing apparatus according to claim 1, 
wherein: 

the storage circuit stores private key data of the data processing apparatus and 
public key data of a second data processing apparatus; 

the public-key encryption circuit verifies the integrity of the usage control policy 
data, by using the public key data, and when recording the content data, the content key 
data, and the usage control policy data on a recording medium or when sending the 
content data, the content key data, and the usage control policy data to the second data 
processing apparatus, the public-key encryption circuit creates the signature data, 



-4- 



Customer No. 22,852 
Attorney Docket No.: 09812.0497-00 
Application No.: 09/741,668 

which verifies the integrity of the content data, the content key data, and the usage 

control policy data, by using the private key data; and 

the common-key encryption circuit decrypts the content key data, and when 

sending the content data, the content key data, and the usage control policy data to the 

second data processing apparatus online, the common-key encryption circuit encrypts 

and decrypts the content data, the content key data, and the usage control policy data 

by using session key data obtained by performing mutual authentication with the second 

data processing apparatus. 

6. (Canceled) 

7. (Previously Presented) A data processing apparatus according to claim 1, 
further comprising a random-number generating circuit within the tamper-resistant 
circuit module, the random-number generating circuit being connected to the second 
bus, for generating a random number for performing mutual authentication with a 
second data processing apparatus when sending the content data, the content key 
data, and the usage control policy data to the second data processing apparatus online. 

8. (Previously Presented) A data processing apparatus according to claim 1, 
wherein the external bus interface circuit is connected to an external storage circuit for 
storing at least one of the content data, the content key data, and the usage control 
policy data. 
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9. (Previously Presented) A data processing apparatus according to claim 8, 
further comprising a storage-circuit control circuit for controlling access to the storage 
circuit and access to the external storage circuit via the external bus interface circuit in 
accordance with a command from the arithmetic processing circuit. 

10. (Previously Presented) A data processing apparatus according to claim 1, 
wherein the external bus interface circuit is connected to a host arithmetic processing 
apparatus on which the data processing apparatus is loaded. 

11. (Previously Presented) A data processing apparatus according to claim 8, 
further comprising a storage management circuit for managing an address space of the 
storage circuit and an address space of the external storage circuit. 

12-14. (Canceled) 

15. (Previously Presented) A data processing apparatus according to claim 1, 
wherein, when the content key data is encrypted with license key data having an 
effective period, the storage circuit stores the license key data, the data processing 
apparatus further comprises a real time clock for generating real time, the arithmetic 
processing circuit reads the effective license key data from the storage circuit based on 
the real time indicated by the real time clock, and the common-key encryption circuit 
decrypts the content key data by using the read license key data. 



-6- 



Customer No. 22,852 
Attorney Docket No.: 09812.0497-00 
Application No.: 09/741,668 

16. (Previously Presented) A data processing apparatus according to claim 1, 
wherein the storage circuit writes and erases data in units of blocks, and the data 
processing apparatus comprises within the tamper-resistant circuit module, a write-lock 
control circuit for controlling the writing and erasing of the data into and from the storage 
circuit in units of blocks under the control of the arithmetic processing circuit. 

17. (Currently Amended) A data processing apparatus for performing rights 
processing of content data encrypted with content key data based on usage control 
policy data, and for decrypting the encrypted content key data, the data processing 
apparatus comprising within a tamper-resistant circuit module: 

a first bus; 

an arithmetic processing circuit connected to the first bus, for performing the 
rights processing of the content data based on the usage control policy data; 
a storage circuit connected to the first bus; 
a second bus; 

an interface circuit interposed between the first bus and the second bus; 
an encryption processing circuit connected to the second bus, for decrypting the 
content key data; 

a hash-value generating circuit that generates hash values of the content data, 
the content key data, and the usage control policy data by compressing the data into 
data having a predetermined bit length ; 

a public key encryption circuit that creates signature data using the hash values 
and verifies the integrity of the signature data; 
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a common key encryption circuit; 

an external bus interface circuit connected to the second bus; and 
a usage monitor; 

wherein, upon receiving an interrupt from an external circuit via the external bus 
interface circuit, the arithmetic processing circuit becomes a slave for the external circuit 
so as to perform processing designated by the interrupt, and reports a result of the 
processing to the external circuit; 

wherein the arithmetic processing circuit determines at least one of a purchase 
mode and a usage mode of the content data based on a handling policy indicated by 
the usage control policy data, and creates log data which includes a unique identifier of 
the content data, discount information, and tracing information and indicates a result of 
the determined mode; and the arithmetic processing circuit creates usage control status 
data in accordance with the determined purchase mode, and controls the use of the 
content data based on the usage control status data; 

the usage control status data comprising a content identification for the content 
data, the purchase mode, an identification for the tamper-resistant circuit module, and a 
user identification for a user who has purchased the content data; 

wherein the usage monitor monitors the usage control policy data and the usage 
control status data to make sure that the content data is purchased and used as 
restricted by the usage control policy data and the usage control status data; and 

wherein the purchase mode is determined from one or more purchase mode 
options, and each purchase mode option has a different level of restriction imposed on 
a playback operation. 
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18. (Previously Presented) A data processing apparatus according to claim 17, 
wherein the arithmetic processing circuit reports the result of the processing by 
outputting an interrupt to the external circuit. 

19. (Previously Presented) A data processing apparatus according to claim 17, 
wherein the external bus interface comprises a common memory for the arithmetic 
processing circuit and the external circuit, and the arithmetic processing circuit writes 
the result of the processing into the common memory, and the external circuit obtains 
the result of the processing by polling. 

20. (Previously Presented) A data processing apparatus according to claim 19, 
wherein the external bus interface comprises: 

a first status register indicating an execution status of the processing requested 
from the external circuit in the arithmetic processing circuit, and including a flag set by 
the arithmetic processing circuit and read by the external circuit; 

a second status register indicating whether the external circuit has requested the 
arithmetic processing circuit to perform processing, and including a flag set by the 
external circuit and read by the arithmetic processing circuit; and 

the common memory for storing a result of the processing. 

21. (Previously Presented) A data processing apparatus according to claim 18, 
wherein the storage circuit stores an interrupt program describing the processing 
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designated by the interrupt, and the arithmetic processing circuit performs the 

processing by executing the interrupt program read from the storage circuit. 

22. (Previously Presented) A data processing apparatus according to claim 21 , 
wherein the storage circuit stores a plurality of the interrupt programs, and a plurality of 
sub-routines to be read when executing the interrupt program, and the arithmetic 
processing circuit appropriately reads and executes the sub-routines from the storage 
circuit when executing the interrupt program read from the storage circuit. 

23-56. (Canceled) 

57. (Currently Amended) A data processing method of performing rights 
processing for content data encrypted with content key data based on usage control 
policy data, and of decrypting the encrypted content key data, the data processing 
method comprising the steps of: 

determining at least one of a purchase mode and a usage mode of the content 
data based on a handling policy indicated by the usage control policy data; 

creating log data which includes a unique identifier of the content data, discount 
information, and tracing information and indicates a result of the determined purchase 
mode; 

creating usage control status data in accordance with the determined purchase 
mode; the usage control status data comprising a content identification for the content 
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data, the purchase mode, an identification for a tamper-resistant circuit module, and a 

user identification for a user who has purchased the content data; 

monitoring the usage control policy data and the usage control status data to 
make sure that the content data is purchased and used as restricted by the usage 
control policy data and the usage control status data; 

controlling the use of the content data based on the usage control status data; 

recording the content data, for which the purchase mode is determined, on a 
recording medium; 

generating hash values of the content data, the content key data, and the usage 
control policy data by compressing the data into data having a predetermined bit length ; 

performing authentication; 

creating a signature data using the hash values; 

verifying the integrity of the signature data; 

sharing session key data obtained by the authentication; and 

encrypting the content key data and the usage control status data by using the 
session key data; 

wherein the purchase mode is determined from one or more purchase mode 
options, and each purchase mode option has a different level of restriction imposed on 
a playback operation. 
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